Cyber Security – The truth about your weakest link is...

Cyber Security – the true weakest link is you

It’s not exactly the nicest title but an unfortunate fact that is a re-occurring subject in the IT Industry, is that no matter what we put in place to protect your Business or your Infrastructure, it only takes human error to break it apart.

That is assuming the human error was actual error. It’s not uncommon that a begrudged individual takes action to damage a business or make others working day much harder then normal.

It’s human factor that we act irrational when we are upset or annoyed, so it’s no secret that causing destruction could cross everyone’s mind.

Data Leaking – the enemy of my enemy

Recently, GTA 6 hit the news when Rockstar had a major ‘leak’ of information about the upcoming game. Leaks, (or Data Exposure) isn’t exactly a new thing in the gaming industry, but they do frequently result from two outcomes – A result of a user having their access compromised and information is gained as a result; or someone who had access to that information intentionally giving it out to 3rd parties. ?

In both cases, this is human error or human intervention. No amount of Cyber Security could prevent it, though Auditing may help trace who, what or why a ‘leak’ took place.

If we put the shoe on your foot, what kind of data do you have that might be useful to ‘leak’ to the public, or your competitors?

A list of client or customer personal addresses? What about some important contacts? Do you have a secret that might give someone else an edge?

Data exposure can have massive impact on your business, be it from having a user compromised due to mistake or lack of due diligence; or a result of a disgruntled member of staff that made the decision that will no doubt make your day.

So, what can I do?

Managing your Data, no matter how big or small is incredibly important. How its stored and who has access to it makes the difference between data exposure being a couple of nonsense word files, to your most crucial secrets. The bigger you are in your Industry, the more complicated this can become, but there are points you can consider:

Plan your Data Map – Split your data sensibly and efficiently, not everything needs to be stored in the same location.

Control the access – Does everyone need access to all data? What about departments or teams?

Contain it in, on or with a trustful source – Where your data lives and how, or who both inside and outside can gain access to it matters.

Audits – Can you trust everyone who has access to your business data? Consider having auditing for access and interaction.

Backups – Make sure you back everything up, data exposure doesn’t always result in data theft but also data destruction.

Train your Staff – Do they know how to detect malicious intent, or can they tell a fake email from a real one?

Unfortunately, the reality is that the biggest security risk to any business or system is ourselves. However, by thinking about how we contain our data, how we give access to it, and what we can do to help safeguard, it will ultimately reduce the damage if it ever was exposed because of our human error prone ways